package net.lzzy.demosecurityhttp.config;

import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.Customizer;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.reactive.EnableWebFluxSecurity;
import org.springframework.security.web.SecurityFilterChain;

@EnableWebSecurity
public class SpringSecurityConfig {

    @Bean
    public SecurityFilterChain filterChain(HttpSecurity httpSecurity) throws Exception {
        //
        httpSecurity.authorizeHttpRequests(authorize ->
                authorize
                        .mvcMatchers("/test").authenticated()
                        .anyRequest().permitAll()
        )
                //
                .formLogin(Customizer.withDefaults())
                //
                .httpBasic(Customizer.withDefaults());
        return httpSecurity.build();
    }

}
